radiusctl(8) - OpenBSD manual pages (original) (raw)
NAME
radiusctl —control the RADIUS protocol daemon
SYNOPSIS
| radiusctl | command [argument ...] |
|---|
DESCRIPTION
The radiusctl utility controls theradiusd(8) daemon.
The following commands are available:
test hostname radius_secret user_name [options]
Sends a RADIUS authentication request packet and shows the result. The request is for the user specified by user_name and sent to the RADIUS server specified by hostname.radius_secret is the shared secret with the server. The options are as follows:
interval seconds
Specifies how many seconds to wait before resending a packet. The default is 2.
maxwait seconds
Specifies the maximum amount of time to wait for a valid reply packet. The default is 8.
method method
Use method for authentication. It can be eitherpap, chap, ormschapv2. If this option is omitted,pap is used.
nas-port nas-port
Specify an integer value for the NAS-Port attribute in the packet. If this option is omitted, 0 is used.
password password
Use password foruser_name.
port port
Use port when sending a packet tohostname. If the port is omitted, the default port number 1812 is used.
tries number
Specifies the number of packets to try sending. The default is 3.
msgauth yes | no
Specifies if Message-Authenticator is given for the access request packet. The default is yes.
Show all ipcp sessions in the database ofradiusd_ipcp(8) briefly.
ipcp dump [-json]
Dump all ipcp sessions in the database ofradiusd_ipcp(8). When -json is specified,radiusctl shows the sessions in JSON format.
ipcp monitor [-json]
Monitor the database ofradiusd_ipcp(8), show newly created sessions and deleted sessions. When -json is specified,radiusctl shows the sessions in JSON format.
ipcp disconnect sequence
Request to disconnect the session specified by thesequence.
ipcp delete sequence
Request to delete the session specified by thesequence without requesting disconnection.
EXAMPLES
(show all sessions) $ doas radiusctl ipcp show Seq Assigned Username Start Tunnel From
21 192.168.1.99 mifune@example.jp 11:35AM 203.0.113.32:34859 22 192.168.1.103 nakadai@example.jp 11:56AM 192.0.2.4:61794 $
(disconnect Nakadai's session) $ doas radiusctl ipcp disconnect 22 $